mirror of
https://github.com/torvalds/linux.git
synced 2026-06-08 14:42:37 +02:00
a561d683ac
4119 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Tao Huang
|
60a5825e9c |
Merge remote branch 'android-4.19' of https://android.googlesource.com/kernel/common
* android-4.19: (206154 commits) Linux 4.19.20 cifs: Always resolve hostname before reconnecting md/raid5: fix 'out of memory' during raid cache recovery of: overlay: do not duplicate properties from overlay for new nodes of: overlay: use prop add changeset entry for property in new nodes of: overlay: add missing of_node_get() in __of_attach_node_sysfs of: overlay: add tests to validate kfrees from overlay removal of: Convert to using %pOFn instead of device_node.name mm: migrate: don't rely on __PageMovable() of newpage after unlocking it mm: hwpoison: use do_send_sig_info() instead of force_sig() mm, oom: fix use-after-free in oom_kill_process mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages oom, oom_reaper: do not enqueue same task twice mm/hugetlb.c: teach follow_hugetlb_page() to handle FOLL_NOWAIT kernel/exit.c: release ptraced tasks before zap_pid_ns_processes btrfs: On error always free subvol_name in btrfs_mount Btrfs: fix deadlock when allocating tree block during leaf/node split mmc: sdhci-iproc: handle mmc_of_parse() errors during probe platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK ... Conflicts: Documentation/devicetree/bindings/clock/rockchip,rk3399-cru.txt Documentation/devicetree/bindings/devfreq/event/rockchip-dfi.txt Documentation/devicetree/bindings/display/bridge/analogix_dp.txt Documentation/devicetree/bindings/display/rockchip/analogix_dp-rockchip.txt Documentation/devicetree/bindings/display/rockchip/dw_mipi_dsi_rockchip.txt Documentation/devicetree/bindings/display/rockchip/inno_hdmi-rockchip.txt Documentation/devicetree/bindings/display/rockchip/rockchip-lvds.txt Documentation/devicetree/bindings/media/i2c/ov2685.txt Documentation/devicetree/bindings/media/i2c/ov5695.txt Documentation/devicetree/bindings/media/i2c/ov7251.txt Documentation/devicetree/bindings/phy/phy-rockchip-inno-usb2.txt Documentation/devicetree/bindings/phy/phy-rockchip-typec.txt Documentation/devicetree/bindings/phy/rockchip-dp-phy.txt Documentation/devicetree/bindings/phy/rockchip-emmc-phy.txt Documentation/devicetree/bindings/soc/rockchip/grf.txt Documentation/devicetree/bindings/sound/rockchip,pdm.txt Documentation/devicetree/bindings/timer/rockchip,rk-timer.txt Documentation/devicetree/bindings/usb/rockchip,dwc3.txt arch/arm/boot/dts/rk3036-kylin.dts arch/arm/boot/dts/rk3036.dtsi arch/arm/boot/dts/rk3228-evb.dts arch/arm/boot/dts/rk3229-evb.dts arch/arm/boot/dts/rk322x.dtsi arch/arm/boot/dts/rk3288-fennec.dts arch/arm/boot/dts/rk3288-firefly-reload.dts arch/arm/boot/dts/rk3288-miqi.dts arch/arm/boot/dts/rk3288-phycore-rdk.dts arch/arm/boot/dts/rk3288-phycore-som.dtsi arch/arm/boot/dts/rv1108.dtsi arch/arm64/boot/dts/rockchip/rk3328-evb.dts arch/arm64/boot/dts/rockchip/rk3328-rock64.dts arch/arm64/boot/dts/rockchip/rk3328.dtsi arch/arm64/boot/dts/rockchip/rk3368-evb.dtsi arch/arm64/boot/dts/rockchip/rk3368-geekbox.dts arch/arm64/boot/dts/rockchip/rk3368-px5-evb.dts arch/arm64/boot/dts/rockchip/rk3399-gru.dtsi arch/arm64/boot/dts/rockchip/rk3399-opp.dtsi arch/arm64/boot/dts/rockchip/rk3399-sapphire.dtsi arch/arm64/boot/dts/rockchip/rk3399.dtsi drivers/clk/rockchip/clk-ddr.c drivers/clk/rockchip/clk-half-divider.c drivers/clk/rockchip/clk-px30.c drivers/clk/rockchip/clk-rk3036.c drivers/clk/rockchip/clk-rk3128.c drivers/clk/rockchip/clk-rk3228.c drivers/clk/rockchip/clk-rk3328.c drivers/clk/rockchip/clk-rk3399.c drivers/clk/rockchip/clk-rv1108.c drivers/devfreq/event/rockchip-dfi.c drivers/gpu/drm/bridge/analogix/Kconfig drivers/gpu/drm/bridge/analogix/Makefile drivers/gpu/drm/bridge/analogix/analogix_dp_core.c drivers/gpu/drm/bridge/analogix/analogix_dp_core.h drivers/gpu/drm/bridge/analogix/analogix_dp_reg.c drivers/gpu/drm/bridge/dumb-vga-dac.c drivers/gpu/drm/rockchip/analogix_dp-rockchip.c drivers/gpu/drm/rockchip/cdn-dp-core.c drivers/gpu/drm/rockchip/cdn-dp-core.h drivers/gpu/drm/rockchip/cdn-dp-reg.c drivers/gpu/drm/rockchip/cdn-dp-reg.h drivers/gpu/drm/rockchip/dw-mipi-dsi.c drivers/gpu/drm/rockchip/inno_hdmi.c drivers/gpu/drm/rockchip/inno_hdmi.h drivers/gpu/drm/rockchip/rockchip_lvds.c drivers/gpu/drm/rockchip/rockchip_vop_reg.c drivers/gpu/drm/rockchip/rockchip_vop_reg.h drivers/hid/hid-alps.c drivers/iio/light/vl6180.c drivers/leds/leds-is31fl32xx.c drivers/media/cec/cec-adap.c drivers/media/cec/cec-api.c drivers/media/cec/cec-notifier.c drivers/media/i2c/ov5647.c drivers/media/i2c/ov5695.c drivers/media/i2c/ov7251.c drivers/media/platform/rockchip/rga/rga.c drivers/media/rc/ir-imon-decoder.c drivers/media/rc/serial_ir.c drivers/media/spi/Kconfig drivers/media/spi/Makefile drivers/media/v4l2-core/v4l2-fwnode.c drivers/net/phy/rockchip.c drivers/phy/rockchip/Kconfig drivers/phy/rockchip/Makefile drivers/phy/rockchip/phy-rockchip-emmc.c drivers/phy/rockchip/phy-rockchip-inno-usb2.c drivers/phy/rockchip/phy-rockchip-typec.c drivers/phy/rockchip/phy-rockchip-usb.c drivers/pinctrl/pinctrl-rk805.c drivers/power/reset/reboot-mode.c drivers/soc/rockchip/grf.c drivers/usb/dwc3/dwc3-of-simple.c drivers/usb/gadget/udc/core.c include/drm/bridge/analogix_dp.h include/dt-bindings/clock/px30-cru.h include/dt-bindings/clock/rk3036-cru.h include/dt-bindings/clock/rk3128-cru.h include/dt-bindings/clock/rk3228-cru.h include/dt-bindings/clock/rk3328-cru.h include/dt-bindings/clock/rk3399-cru.h include/dt-bindings/power/px30-power.h include/dt-bindings/power/rk3036-power.h include/dt-bindings/power/rk3228-power.h include/media/cec-notifier.h include/soc/rockchip/rockchip_sip.h include/sound/hdmi-codec.h sound/soc/codecs/hdmi-codec.c sound/soc/rockchip/rockchip_pdm.c sound/soc/rockchip/rockchip_pdm.h Signed-off-by: Tao Huang <huangtao@rock-chips.com> |
||
|
Tao Huang
|
135b29c75f |
rk: revert to v4.4
Signed-off-by: Tao Huang <huangtao@rock-chips.com> |
||
|
Greg Kroah-Hartman
|
26bf816608 |
This is the 4.19.18 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxMGy0ACgkQONu9yGCS
aT5ppQ/8COjyZg1aTrCrd0ttMHYotw3Lb4B6E/SCf2ub4X38SxGz9irhQ7r2FKdK
w0ZXlLOF2ddqWe6BUnIfWago4Pk1GBpg3bgnp5XyYTjlJbfI2yZ9ggiO0iNYBPaL
fN2JwM9eze/7cDlpYbhwGpF4+Wz8wTrzh+NIputcvC6n3SQH/cTGmOUa9rlamQju
uukkvLanAYY3sqDCl4B415Ds44ROU4filqHYIkvZC81jc3Q0YZ8M7cTmpLcDQKGz
8Z+Veil07jEM9bF2W8iX79nwxMT+edFC62HMuRCoxJKq+1kccw1TVMWpQ8TWbv13
zeLOqXxNP6VcNaC251q3QzlInRDp1dtr8KtzA/OG0WFnZBTEDng/iChhiL8qZt0R
9+Sz7n9uZ5pMRK3tr03Ccjg3AneKWRqad2iaTB/kOwAdu7Uqxz8U9qUuRDFPV7OY
KTMCCfdS8XpMHl/S+Cvg2dqSNiBEkNmowYO6NvQClG0aoN4/6wH+m2TZ0hCl6PVq
pNFOTJmp7FOaztEZC4rqW8DoOGeGaNo5DP9A2XKKDR20F7EiAE437ApEQ4p5QGVk
ek4uslZkwJWU/UOzXRl/Hoz0OlI0ixsdZy1vw88HCl7SD1E7xHJpnRUkOjigTT1Q
nbCt0Nm/A2+c1tKbzU+PVW8FtIbutZhW1BtrqaIbbHr9NBTICR0=
=Yg+/
-----END PGP SIGNATURE-----
Merge 4.19.18 into android-4.19
Changes in 4.19.18
ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address
mlxsw: spectrum: Disable lag port TX before removing it
mlxsw: spectrum_switchdev: Set PVID correctly during VLAN deletion
net: dsa: mv88x6xxx: mv88e6390 errata
net, skbuff: do not prefer skb allocation fails early
qmi_wwan: add MTU default to qmap network interface
r8169: Add support for new Realtek Ethernet
ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
net: clear skb->tstamp in bridge forwarding path
netfilter: ipset: Allow matching on destination MAC address for mac and ipmac sets
gpio: pl061: Move irq_chip definition inside struct pl061
drm/amd/display: Guard against null stream_state in set_crc_source
drm/amdkfd: fix interrupt spin lock
ixgbe: allow IPsec Tx offload in VEPA mode
platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey
e1000e: allow non-monotonic SYSTIM readings
usb: typec: tcpm: Do not disconnect link for self powered devices
selftests/bpf: enable (uncomment) all tests in test_libbpf.sh
of: overlay: add missing of_node_put() after add new node to changeset
writeback: don't decrement wb->refcnt if !wb->bdi
serial: set suppress_bind_attrs flag only if builtin
bpf: Allow narrow loads with offset > 0
ALSA: oxfw: add support for APOGEE duet FireWire
x86/mce: Fix -Wmissing-prototypes warnings
MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur
crypto: ecc - regularize scalar for scalar multiplication
arm64: perf: set suppress_bind_attrs flag to true
drm/atomic-helper: Complete fake_commit->flip_done potentially earlier
clk: meson: meson8b: fix incorrect divider mapping in cpu_scale_table
samples: bpf: fix: error handling regarding kprobe_events
usb: gadget: udc: renesas_usb3: add a safety connection way for forced_b_device
fpga: altera-cvp: fix probing for multiple FPGAs on the bus
selinux: always allow mounting submounts
ASoC: pcm3168a: Don't disable pcm3168a when CONFIG_PM defined
scsi: qedi: Check for session online before getting iSCSI TLV data.
drm/amdgpu: Reorder uvd ring init before uvd resume
rxe: IB_WR_REG_MR does not capture MR's iova field
efi/libstub: Disable some warnings for x86{,_64}
jffs2: Fix use of uninitialized delayed_work, lockdep breakage
clk: imx: make mux parent strings const
pstore/ram: Do not treat empty buffers as valid
media: uvcvideo: Refactor teardown of uvc on USB disconnect
powerpc/xmon: Fix invocation inside lock region
powerpc/pseries/cpuidle: Fix preempt warning
media: firewire: Fix app_info parameter type in avc_ca{,_app}_info
ASoC: use dma_ops of parent device for acp_audio_dma
media: venus: core: Set dma maximum segment size
staging: erofs: fix use-after-free of on-stack `z_erofs_vle_unzip_io'
net: call sk_dst_reset when set SO_DONTROUTE
scsi: target: use consistent left-aligned ASCII INQUIRY data
scsi: target/core: Make sure that target_wait_for_sess_cmds() waits long enough
selftests: do not macro-expand failed assertion expressions
arm64: kasan: Increase stack size for KASAN_EXTRA
clk: imx6q: reset exclusive gates on init
arm64: Fix minor issues with the dcache_by_line_op macro
bpf: relax verifier restriction on BPF_MOV | BPF_ALU
kconfig: fix file name and line number of warn_ignored_character()
kconfig: fix memory leak when EOF is encountered in quotation
mmc: atmel-mci: do not assume idle after atmci_request_end
btrfs: volumes: Make sure there is no overlap of dev extents at mount time
btrfs: alloc_chunk: fix more DUP stripe size handling
btrfs: fix use-after-free due to race between replace start and cancel
btrfs: improve error handling of btrfs_add_link
tty/serial: do not free trasnmit buffer page under port lock
perf intel-pt: Fix error with config term "pt=0"
perf tests ARM: Disable breakpoint tests 32-bit
perf svghelper: Fix unchecked usage of strncpy()
perf parse-events: Fix unchecked usage of strncpy()
perf vendor events intel: Fix Load_Miss_Real_Latency on SKL/SKX
netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
netfilter: ipt_CLUSTERIP: remove wrong WARN_ON_ONCE in netns exit routine
netfilter: ipt_CLUSTERIP: fix deadlock in netns exit routine
x86/topology: Use total_cpus for max logical packages calculation
dm crypt: use u64 instead of sector_t to store iv_offset
dm kcopyd: Fix bug causing workqueue stalls
perf stat: Avoid segfaults caused by negated options
tools lib subcmd: Don't add the kernel sources to the include path
dm snapshot: Fix excessive memory usage and workqueue stalls
perf cs-etm: Correct packets swapping in cs_etm__flush()
perf tools: Add missing sigqueue() prototype for systems lacking it
perf tools: Add missing open_memstream() prototype for systems lacking it
quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls.
clocksource/drivers/integrator-ap: Add missing of_node_put()
dm: Check for device sector overflow if CONFIG_LBDAF is not set
Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029
ALSA: bebob: fix model-id of unit for Apogee Ensemble
sysfs: Disable lockdep for driver bind/unbind files
IB/usnic: Fix potential deadlock
scsi: mpt3sas: fix memory ordering on 64bit writes
scsi: smartpqi: correct lun reset issues
ath10k: fix peer stats null pointer dereference
scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown()
scsi: megaraid: fix out-of-bound array accesses
iomap: don't search past page end in iomap_is_partially_uptodate
ocfs2: fix panic due to unrecovered local alloc
mm/page-writeback.c: don't break integrity writeback on ->writepage() error
mm/swap: use nr_node_ids for avail_lists in swap_info_struct
userfaultfd: clear flag if remap event not enabled
mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps
iwlwifi: mvm: Send LQ command as async when necessary
Bluetooth: Fix unnecessary error message for HCI request completion
ipmi: fix use-after-free of user->release_barrier.rda
ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
ipmi: Prevent use-after-free in deliver_response
ipmi:ssif: Fix handling of multi-part return messages
ipmi: Don't initialize anything in the core until something uses it
Linux 4.19.18
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Ondrej Mosnacek
|
34ea589d97 |
selinux: always allow mounting submounts
[ Upstream commit |
||
|
Greg Kroah-Hartman
|
73dc755ee0 |
This is the 4.19.17 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxHf8cACgkQONu9yGCS aT71Mg/9FnDYja+AD9hj01kFsh6+C4K/QLZY69kLgzmNvr1htsWLRvxSta0dIKc0 In4rianKMhOHekGub6ufO0Ne1jPV9ZCF61cZ/oENISB5D/oVZJL+baR92zeodSg9 XFBPRu9eKPQV+UFPliyyKEJtyWEmLHvJMOQkKft0reduZgPy0xonkQ97K48QmF9G b/Ly6E8c/qfQThIqn0wfPQ2DUYET9cCE667iw8+Mwzr2HYuLoltyp9ODyMW2fuNT vyKve8s+IQ8wCKy1fkwyIJD7CjV0mJMJfUYx1Ax+ewU6MtBDrhEyfcfA9sJfsyRH k/BydK4aQJqcejp8ajOVQjZFZtGMnuTM38n3SpJnyNLWz6JvCTQr8dl2A5Y5/iph Q1FQH9BHKWCCJO8JVjfMYhCewvdo47mjE1gUfs9HyyW4SjJxhJCn07u2LU1YCRHW G9NqRb208UZw7O6prCsdZRlZPJjon1Fln7ym/esKjuMRyNNycV093ysPaqzhKrJq 2Dxgt+fYBaP63BawAZUC+kQ0iX4OcSja78F4txbVBeksqskNAPHreMbcd5PDid/h bN89kPVCIV0eFJa0AMuKHdrbljRH/I6wbKmz3KvyjoRgq8KGc2PvrSe4DTJfax3W gOEnESLn7r58oUQ0OmfSv7U4zU700tuH9wOpFZyb5vqVvdXcQzA= =NSqX -----END PGP SIGNATURE----- Merge 4.19.17 into android-4.19 Changes in 4.19.17 tty/ldsem: Wake up readers after timed out down_write() tty: Hold tty_ldisc_lock() during tty_reopen() tty: Simplify tty->count math in tty_reopen() tty: Don't hold ldisc lock in tty_reopen() if ldisc present can: gw: ensure DLC boundaries after CAN frame modification netfilter: nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS netfilter: nf_conncount: don't skip eviction when age is negative netfilter: nf_conncount: split gc in two phases netfilter: nf_conncount: restart search when nodes have been erased netfilter: nf_conncount: merge lookup and add functions netfilter: nf_conncount: move all list iterations under spinlock netfilter: nf_conncount: speculative garbage collection on empty lists netfilter: nf_conncount: fix argument order to find_next_bit mmc: sdhci-msm: Disable CDR function on TX Revert "scsi: target: iscsi: cxgbit: fix csk leak" scsi: target: iscsi: cxgbit: fix csk leak scsi: target: iscsi: cxgbit: fix csk leak arm64/kvm: consistently handle host HCR_EL2 flags arm64: Don't trap host pointer auth use to EL2 ipv6: fix kernel-infoleak in ipv6_local_error() net: bridge: fix a bug on using a neighbour cache entry without checking its state packet: Do not leak dev refcounts on error exit tcp: change txhash on SYN-data timeout tun: publish tfile after it's fully initialized lan743x: Remove phy_read from link status change function smc: move unhash as early as possible in smc_release() r8169: don't try to read counters if chip is in a PCI power-save state bonding: update nest level on unlink ip: on queued skb use skb_header_pointer instead of pskb_may_pull r8169: load Realtek PHY driver module before r8169 crypto: sm3 - fix undefined shift by >= width of value crypto: caam - fix zero-length buffer DMA mapping crypto: authencesn - Avoid twice completion call in decrypt path crypto: ccree - convert to use crypto_authenc_extractkeys() crypto: bcm - convert to use crypto_authenc_extractkeys() crypto: authenc - fix parsing key with misaligned rta_len crypto: talitos - reorder code in talitos_edesc_alloc() crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK xen: Fix x86 sched_clock() interface for xen Revert "btrfs: balance dirty metadata pages in btrfs_finish_ordered_io" btrfs: wait on ordered extents on abort cleanup Yama: Check for pid death before checking ancestry scsi: core: Synchronize request queue PM status only on successful resume scsi: sd: Fix cache_type_store() mips: fix n32 compat_ipc_parse_version MIPS: BCM47XX: Setup struct device for the SoC MIPS: lantiq: Fix IPI interrupt handling drm/i915/gvt: Fix mmap range check OF: properties: add missing of_node_put mfd: tps6586x: Handle interrupts on suspend media: v4l: ioctl: Validate num_planes for debug messages RDMA/nldev: Don't expose unsafe global rkey to regular user RDMA/vmw_pvrdma: Return the correct opcode when creating WR kbuild: Disable LD_DEAD_CODE_DATA_ELIMINATION with ftrace & GCC <= 4.7 net: dsa: realtek-smi: fix OF child-node lookup pstore/ram: Avoid allocation and leak of platform data arm64: kaslr: ensure randomized quantities are clean to the PoC arm64: dts: marvell: armada-ap806: reserve PSCI area Disable MSI also when pcie-octeon.pcie_disable on fix int_sqrt64() for very large numbers omap2fb: Fix stack memory disclosure media: vivid: fix error handling of kthread_run media: vivid: set min width/height to a value > 0 bpf: in __bpf_redirect_no_mac pull mac only if present ipv6: make icmp6_send() robust against null skb->dev LSM: Check for NULL cred-security on free media: vb2: vb2_mmap: move lock up sunrpc: handle ENOMEM in rpcb_getport_async netfilter: ebtables: account ebt_table_info to kmemcg block: use rcu_work instead of call_rcu to avoid sleep in softirq selinux: fix GPF on invalid policy blockdev: Fix livelocks on loop device sctp: allocate sctp_sockaddr_entry with kzalloc tipc: fix uninit-value in in tipc_conn_rcv_sub tipc: fix uninit-value in tipc_nl_compat_link_reset_stats tipc: fix uninit-value in tipc_nl_compat_bearer_enable tipc: fix uninit-value in tipc_nl_compat_link_set tipc: fix uninit-value in tipc_nl_compat_name_table_dump tipc: fix uninit-value in tipc_nl_compat_doit block/loop: Don't grab "struct file" for vfs_getattr() operation. block/loop: Use global lock for ioctl() operation. loop: Fold __loop_release into loop_release loop: Get rid of loop_index_mutex loop: Push lo_ctl_mutex down into individual ioctls loop: Split setting of lo_state from loop_clr_fd loop: Push loop_ctl_mutex down into loop_clr_fd() loop: Push loop_ctl_mutex down to loop_get_status() loop: Push loop_ctl_mutex down to loop_set_status() loop: Push loop_ctl_mutex down to loop_set_fd() loop: Push loop_ctl_mutex down to loop_change_fd() loop: Move special partition reread handling in loop_clr_fd() loop: Move loop_reread_partitions() out of loop_ctl_mutex loop: Fix deadlock when calling blkdev_reread_part() loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex loop: Get rid of 'nested' acquisition of loop_ctl_mutex loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() loop: drop caches if offset or block_size are changed drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock selftests: Fix test errors related to lib.mk khdr target media: vb2: be sure to unlock mutex on errors nbd: Use set_blocksize() to set device blocksize Linux 4.19.17 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Stephen Smalley
|
5a79e71e0b |
selinux: fix GPF on invalid policy
commit
|
||
|
James Morris
|
a19aedf1a7 |
LSM: Check for NULL cred-security on free
commit
|
||
|
Kees Cook
|
b955a2c756 |
Yama: Check for pid death before checking ancestry
commit |
||
|
Greg Kroah-Hartman
|
caf54339d3 |
This is the 4.19.15 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlw6+/8ACgkQONu9yGCS
aT6VKw/9FUsbfy4MzFMH4XmTn/k9AHhcYdQ+gSEIcJbt/JLT13fU64e/O8QlQ3PF
5GWNY5ObA+HKlReCufSuW+AuAw5s/FLVaGLn8HZQ/FU27ZgTrGpFjb3vcnYSjsU0
vurXjstzndiRmpSahNufU6t2X7fkgyd41M94572pyidcT5NcP+ngVICwXtQOsXjH
QkIaMZHTmr4le0Z1oNvDraNkESJnxo7+D2eJebx5yDReD/Mdm3gAl2q0UkDXpZzk
qb3tH1oronm7ZfiEBCZYrewxMfz78ugJW3hpOu//JCbrVI2Ja0sBSh3VB6EFceoY
WI9z8JkZ3xQeLQnCdiabdQ66mGQa9XiLUwj7+sR//P7OduwJEv8HTYpDi8iqA6Vj
SigQmjEunjSHccqBWaPy1ZMAIXoNWQBC4EJ2erv3pAPyJr2FBw9o2Bmu6JAV18ow
iX94YnQtllZp8cJsEKEUWEmXZPLcTy6mXLMLoQ922P4p4KRJVQUhde4EeZZLFn27
6sPwASnrfEW9RS/i1XuxdDPbnMYg6uE0UoRfxp1tAUBKaVArjMglyIAj7t9GA07W
4480c3AegmDFZ+GxX+w5+duKRZnxBi+sHw8aBbZRi5m9mlxeFCSWSe0hPPRR2LIQ
fZrFySHmgbl1NtTP4cvZOb7bTxoyfjcIQfiqu7cwNsYGXtbfOuk=
=A6Ro
-----END PGP SIGNATURE-----
Merge 4.19.15 into android-4.19
Changes in 4.19.15
ARM: dts: sun8i: a83t: bananapi-m3: increase vcc-pd voltage to 3.3V
pinctrl: meson: fix pull enable register calculation
arm64: dts: mt7622: fix no more console output on rfb1
powerpc: Fix COFF zImage booting on old powermacs
powerpc/mm: Fix linux page tables build with some configs
HID: ite: Add USB id match for another ITE based keyboard rfkill key quirk
ARM: dts: imx7d-pico: Describe the Wifi clock
ARM: imx: update the cpu power up timing setting on i.mx6sx
ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock
IB/mlx5: Block DEVX umem from the non applicable cases
Input: restore EV_ABS ABS_RESERVED
powerpc/mm: Fallback to RAM if the altmap is unusable
drm/amdgpu: Fix DEBUG_LOCKS_WARN_ON(depth <= 0) in amdgpu_ctx.lock
IB/core: Fix oops in netdev_next_upper_dev_rcu()
checkstack.pl: fix for aarch64
xfrm: Fix error return code in xfrm_output_one()
xfrm: Fix bucket count reported to userspace
xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force clears the dst_entry.
ieee802154: hwsim: fix off-by-one in parse nested
netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace()
netfilter: seqadj: re-load tcp header pointer after possible head reallocation
Revert "scsi: qla2xxx: Fix NVMe Target discovery"
scsi: bnx2fc: Fix NULL dereference in error handling
Input: omap-keypad - fix idle configuration to not block SoC idle states
Input: synaptics - enable RMI on ThinkPad T560
ibmvnic: Convert reset work item mutex to spin lock
ibmvnic: Fix non-atomic memory allocation in IRQ context
ieee802154: ca8210: fix possible u8 overflow in ca8210_rx_done
x86/mm: Fix guard hole handling
x86/dump_pagetables: Fix LDT remap address marker
i40e: fix mac filter delete when setting mac address
ixgbe: Fix race when the VF driver does a reset
netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
netfilter: nat: can't use dst_hold on noref dst
netfilter: nf_conncount: use rb_link_node_rcu() instead of rb_link_node()
bnx2x: Clear fip MAC when fcoe offload support is disabled
bnx2x: Remove configured vlans as part of unload sequence.
bnx2x: Send update-svid ramrod with retry/poll flags enabled
scsi: target: iscsi: cxgbit: fix csk leak
scsi: target: iscsi: cxgbit: add missing spin_lock_init()
mt76: fix potential NULL pointer dereference in mt76_stop_tx_queues
x86, hyperv: remove PCI dependency
drivers: net: xgene: Remove unnecessary forward declarations
net/tls: Init routines in create_ctx
w90p910_ether: remove incorrect __init annotation
net: hns: Incorrect offset address used for some registers.
net: hns: All ports can not work when insmod hns ko after rmmod.
net: hns: Some registers use wrong address according to the datasheet.
net: hns: Fixed bug that netdev was opened twice
net: hns: Clean rx fbd when ae stopped.
net: hns: Free irq when exit from abnormal branch
net: hns: Avoid net reset caused by pause frames storm
net: hns: Fix ntuple-filters status error.
net: hns: Add mac pcs config when enable|disable mac
net: hns: Fix ping failed when use net bridge and send multicast
mac80211: fix a kernel panic when TXing after TXQ teardown
SUNRPC: Fix a race with XPRT_CONNECTING
qed: Fix an error code qed_ll2_start_xmit()
net: macb: fix random memory corruption on RX with 64-bit DMA
net: macb: fix dropped RX frames due to a race
net: macb: add missing barriers when reading descriptors
lan743x: Expand phy search for LAN7431
lan78xx: Resolve issue with changing MAC address
vxge: ensure data0 is initialized in when fetching firmware version information
nl80211: fix memory leak if validate_pae_over_nl80211() fails
mac80211: free skb fraglist before freeing the skb
kbuild: fix false positive warning/error about missing libelf
m68k: Fix memblock-related crashes
virtio: fix test build after uio.h change
lan743x: Remove MAC Reset from initialization
gpio: mvebu: only fail on missing clk if pwm is actually to be used
Input: synaptics - enable SMBus for HP EliteBook 840 G4
net: netxen: fix a missing check and an uninitialized use
qmi_wwan: Fix qmap header retrieval in qmimux_rx_fixup
serial/sunsu: fix refcount leak
auxdisplay: charlcd: fix x/y command parsing
scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown
scsi: lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid
fork: record start_time late
zram: fix double free backing device
hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL
mm, devm_memremap_pages: kill mapping "System RAM" support
mm, devm_memremap_pages: fix shutdown handling
mm, devm_memremap_pages: add MEMORY_DEVICE_PRIVATE support
mm, hmm: use devm semantics for hmm_devmem_{add, remove}
mm, hmm: mark hmm_devmem_{add, add_resource} EXPORT_SYMBOL_GPL
mm, swap: fix swapoff with KSM pages
memcg, oom: notify on oom killer invocation from the charge path
sunrpc: fix cache_head leak due to queued request
sunrpc: use SVC_NET() in svcauth_gss_* functions
powerpc: remove old GCC version checks
powerpc: consolidate -mno-sched-epilog into FTRACE flags
powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer
powerpc: Disable -Wbuiltin-requires-header when setjmp is used
kbuild: add -no-integrated-as Clang option unconditionally
kbuild: consolidate Clang compiler flags
Makefile: Export clang toolchain variables
powerpc/boot: Set target when cross-compiling for clang
raid6/ppc: Fix build for clang
dma-direct: do not include SME mask in the DMA supported check
mt76x0: init hw capabilities
media: cx23885: only reset DMA on problematic CPUs
ALSA: cs46xx: Potential NULL dereference in probe
ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()
ALSA: usb-audio: Check mixer unit descriptors more strictly
ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
ALSA: usb-audio: Always check descriptor sizes in parser code
srcu: Lock srcu_data structure in srcu_gp_start()
driver core: Add missing dev->bus->need_parent_lock checks
Fix failure path in alloc_pid()
block: deactivate blk_stat timer in wbt_disable_default()
block: mq-deadline: Fix write completion handling
dlm: fixed memory leaks after failed ls_remove_names allocation
dlm: possible memory leak on error path in create_lkb()
dlm: lost put_lkb on error path in receive_convert() and receive_unlock()
dlm: memory leaks on error path in dlm_user_request()
gfs2: Get rid of potential double-freeing in gfs2_create_inode
gfs2: Fix loop in gfs2_rbm_find
b43: Fix error in cordic routine
selinux: policydb - fix byte order and alignment issues
PCI / PM: Allow runtime PM without callback functions
lockd: Show pid of lockd for remote locks
nfsd4: zero-length WRITE should succeed
arm64: drop linker script hack to hide __efistub_ symbols
arm64: relocatable: fix inconsistencies in linker script and options
leds: pwm: silently error out on EPROBE_DEFER
Revert "powerpc/tm: Unset MSR[TS] if not recheckpointing"
powerpc/tm: Set MSR[TS] just prior to recheckpoint
iio: dac: ad5686: fix bit shift read register
9p/net: put a lower bound on msize
rxe: fix error completion wr_id and qp_num
RDMA/srpt: Fix a use-after-free in the channel release code
iommu/vt-d: Handle domain agaw being less than iommu agaw
sched/fair: Fix infinite loop in update_blocked_averages() by reverting
|
||
|
Ondrej Mosnacek
|
b37fdd9410 |
selinux: policydb - fix byte order and alignment issues
commit |
||
|
Tao Huang
|
04026c23c8 |
Merge branch 'linux-linaro-lsk-v4.4-android' of git://git.linaro.org/kernel/linux-linaro-stable.git
* linux-linaro-lsk-v4.4-android: (812 commits) Linux 4.4.167 mac80211: ignore NullFunc frames in the duplicate detection mac80211: fix reordering of buffered broadcast packets mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext mac80211: Clear beacon_int in ieee80211_do_stop mac80211_hwsim: Timer should be initialized before device registered kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() tty: serial: 8250_mtk: always resume the device in probe. cifs: Fix separator when building path from dentry Staging: lustre: remove two build warnings xhci: Prevent U1/U2 link pm states if exit latency is too long SUNRPC: Fix leak of krb5p encode pages virtio/s390: fix race in ccw_io_helper() virtio/s390: avoid race on vcdev->config ALSA: pcm: Fix interval evaluation with openmin/max ALSA: pcm: Call snd_pcm_unlink() conditionally at closing ALSA: pcm: Fix starvation on down_write_nonblock() ALSA: hda: Add support for AMD Stoney Ridge ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c USB: check usb_get_extra_descriptor for proper size ... Conflicts: drivers/gpu/drm/rockchip/rockchip_drm_drv.c drivers/usb/host/xhci-ring.c Change-Id: I4304b0875908403a7d88a0d77da52cea04563c11 |
||
|
Amit Pundir
|
770f7163da |
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
* linux-linaro-lsk-v4.4: (622 commits)
Linux 4.4.166
drm/ast: Remove existing framebuffers before loading driver
s390/mm: Check for valid vma before zapping in gmap_discard
namei: allow restricted O_CREAT of FIFOs and regular files
sched/core: Allow __sched_setscheduler() in interrupts when PI is not used
btrfs: Ensure btrfs_trim_fs can trim the whole filesystem
usb: xhci: fix uninitialized completion when USB3 port got wrong status
tty: wipe buffer if not echoing data
tty: wipe buffer.
iwlwifi: mvm: fix regulatory domain update when the firmware starts
scsi: qla2xxx: do not queue commands when unloading
scsi: ufshcd: release resources if probe fails
scsi: ufs: fix race between clock gating and devfreq scaling work
scsi: ufshcd: Fix race between clk scaling and ungate work
scsi: ufs: fix bugs related to null pointer access and array size
netfilter: nf_tables: fix oops when inserting an element into a verdict map
mwifiex: fix p2p device doesn't find in scan problem
mwifiex: Fix NULL pointer dereference in skb_dequeue()
cw1200: Don't leak memory if krealloc failes
Input: xpad - add support for Xbox1 PDP Camo series gamepad
...
Conflicts:
Makefile
arch/x86/Makefile
drivers/base/power/main.c
drivers/block/zram/zram_drv.c
kernel/debug/kdb/kdb_io.c
net/ipv6/route.c
scripts/Kbuild.include
Conflicts in above files are fixed as done in AOSP Change-Id:
I5bd20327e0c1139c46f74e8d5916fa0530a307d3 ("Merge 4.4.165 into android-4.4").
arch/arm64/include/asm/cpufeature.h
arch/arm64/kernel/cpufeature.c
Conflicts in above files is due to AOSP Change-Id:
I11cb874d12a7d0921f452c62b0752e0028a8e0a7 ("FROMLIST: arm64: entry: Add
fake CPU feature for unmapping the kernel at EL0"), which needed a minor
rebasing.
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
||
|
Greg Kroah-Hartman
|
49fe708f16 |
This is the 4.19.8 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlwLshEACgkQONu9yGCS aT4wJA//V/G9RbjbXaY9kjfMQW/mgySwfPmhvyzS1O9J3ic3b5WVO1J547UkWyd9 DwjIOUNx8IGDTLiAs15Z92CqKYOxpGp9zy0hbNMLXE3WTLXyyg94K/jlk6jk3vXw jCvYGQaQuMyNhPr8chS3Nmkdqx3ZLC1NmmGIBSRJevseWXe2yVowTo4EuKDxnmEL dwYsEQAgsbPiZamt1J6gqKvgbcKnBk119cHXSJBFEpdtmSxjxEFz5sJIptO0QCI8 Ck08bMUA7YaQ5CGsvbOTGJtq8EW5Vakk9DTJWDDwkdk1kZ+Xv6u2992Ey3nesvin oKWayd9a+1qYBlkXVyZGiKBSSE9KPN8beZsiYSUidH1qZdT8XoWKLX7cOeaL1kWl SHsrXy3je3UWVaz7YEiAdmdEuocjbH9Nfb4q0bfPfCYmdFB5tjrFz4gpUjbdTEpC oh31h9gOvuOXWedFfOckh/Ung5CDinxmXLS8zFBNe7WrHA1ZLTypMaHwASuRlsTD UMJ9meuMtghHg6tt+jkz5GFEP1SqnP9rCQfBuFslWlR1Y/Y3SJRSeyL7OmXUBa5N w/L2iwOO+SK91WRivZXqinOaMMlolYk4OF1dCehlgTFCF5Dfn8olz6mm7G7zd37S swAcz1ogWZb+AmQ/EWlxeIzTOjss1I+howbdMjQctpLjkYAKr7g= =+hPU -----END PGP SIGNATURE----- Merge 4.19.8 into android-4.19 Changes in 4.19.8 blk-mq: fix corruption with direct issue test_hexdump: use memcpy instead of strncpy unifdef: use memcpy instead of strncpy iser: set sector for ambiguous mr status errors uprobes: Fix handle_swbp() vs. unregister() + register() race once more mtd: nand: Fix memory allocation in nanddev_bbt_init() arm64: ftrace: Fix to enable syscall events on arm64 sched, trace: Fix prev_state output in sched_switch tracepoint tracepoint: Use __idx instead of idx in DO_TRACE macro to make it unique MIPS: ralink: Fix mt7620 nd_sd pinmux mips: fix mips_get_syscall_arg o32 check IB/mlx5: Avoid load failure due to unknown link width tracing/fgraph: Fix set_graph_function from showing interrupts drm/ast: Fix incorrect free on ioregs drm/amd/dm: Don't forget to attach MST encoders drm: set is_master to 0 upon drm_new_set_master() failure drm/meson: Fixes for drm_crtc_vblank_on/off support drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem userfaultfd: shmem: add i_size checks userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set kgdboc: Fix restrict error kgdboc: Fix warning with module build svm: Add mutex_lock to protect apic_access_page_done on AMD systems selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN i40e: Fix deletion of MAC filters scsi: lpfc: fix block guard enablement on SLI3 adapters Input: xpad - quirk all PDP Xbox One gamepads Input: synaptics - add PNP ID for ThinkPad P50 to SMBus Input: matrix_keypad - check for errors from of_get_named_gpio() Input: cros_ec_keyb - fix button/switch capability reports Input: elan_i2c - add ELAN0620 to the ACPI table Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR Input: elan_i2c - add support for ELAN0621 touchpad btrfs: tree-checker: Don't check max block group size as current max chunk size limit is unreliable ARC: change defconfig defaults to ARCv2 arc: [devboards] Add support of NFSv3 ACL tipc: use destination length for copy string blk-mq: punt failed direct issue to dispatch list Linux 4.19.8 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Paul Moore
|
4c202ade1e |
selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN
commit |
||
|
Greg Kroah-Hartman
|
635c56d224 |
This is the 4.19.6 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlwCSE8ACgkQONu9yGCS aT58lg//YXiTDY8JuG+LX8PJyL28s5gIQZyq7a8aEuxGFXbTfmym0TecN74F2gFM 7YBJ9j4u/W5xp/u/29VUOUE9OUiRdMa+GJz73ncgslHApp7r3Z5r9PJFJHtW07Xu IElCg2GvQLR0pzyNlsa+Nv738pldDr0d9xZDmsOp1Cs0aCfJQAbU1y9P5WNN8j3y rHQP19/2+HF0j6LqYxIRmgioSrmeHrEN/nWIDlFpW74+QPyI7d/6aJpr1Tfdy64u 6BE/48OunHjOPbO6fWcNjFm0FUlTYDKd8jtzkaIHmFKgXpDFb+3yN4AiMd4/ucPS SNqVqvzTfU8aKWEtIabTTG1m3AwuqJUrExYUQZwNe32zOhEMIE+rMpmgafSN3SjE k0cER70OS1rJ5rs/cqBY8UpqhPxqfTFSwEwHGqn66PeuYgCpjoXHIBVyn/s+I3CZ Be8udYwi3KXBYrMGppzFp5PklwkqrUIFFouF2ijtPBjKfZpte9/ZOGWxvZMux6Ev rqFaq/zf9DjvQ3BSwHh2QuQKK5WnGQVuwjDWHR/vso4bApErHFhDWvGAIFyFxRsK W70DUeUxSScNjNKDgyxzRUV18VF0IN8zMXfh4hCMtoq6+XzDG/DUBt6fBFXaZCun kWyCTZk+9sMkGVlL8kAB2UPbAjfuDRAijouwC+u0j0VRMXlsAWM= =ju/p -----END PGP SIGNATURE----- Merge 4.19.6 into android-4.19 Changes in 4.19.6 HID: steam: remove input device when a hid client is running. efi/libstub: arm: support building with clang usb: core: Fix hub port connection events lost usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers usb: dwc3: gadget: Properly check last unaligned/zero chain TRB usb: dwc3: core: Clean up ULPI device usb: dwc3: Fix NULL pointer exception in dwc3_pci_remove() xhci: Fix leaking USB3 shared_hcd at xhci removal xhci: handle port status events for removed USB3 hcd xhci: Add check for invalid byte size error when UAS devices are connected. usb: xhci: fix uninitialized completion when USB3 port got wrong status usb: xhci: fix timeout for transition from RExit to U0 xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc usb: xhci: Prevent bus suspend if a port connect change or polling state is detected ALSA: oss: Use kvzalloc() for local buffer allocations MAINTAINERS: Add Sasha as a stable branch maintainer Documentation/security-bugs: Clarify treatment of embargoed information Documentation/security-bugs: Postpone fix publication in exceptional cases mmc: sdhci-pci: Try "cd" for card-detect lookup before using NULL mmc: sdhci-pci: Workaround GLK firmware failing to restore the tuning value gpio: don't free unallocated ida on gpiochip_add_data_with_key() error path iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE iwlwifi: mvm: support sta_statistics() even on older firmware iwlwifi: mvm: fix regulatory domain update when the firmware starts iwlwifi: mvm: don't use SAR Geo if basic SAR is not used brcmfmac: fix reporting support for 160 MHz channels opp: ti-opp-supply: Dynamically update u_volt_min opp: ti-opp-supply: Correct the supply in _get_optimal_vdd_voltage call tools/power/cpupower: fix compilation with STATIC=true v9fs_dir_readdir: fix double-free on p9stat_read error selinux: Add __GFP_NOWARN to allocation at str_read() Input: synaptics - avoid using uninitialized variable when probing bfs: add sanity check at bfs_fill_super() sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd llc: do not use sk_eat_skb() mm: don't warn about large allocations for slab mm/memory.c: recheck page table entry with page table lock held tcp: do not release socket ownership in tcp_close() drm/fb-helper: Blacklist writeback when adding connectors to fbdev drm/amdgpu: Add missing firmware entry for HAINAN drm/vc4: Set ->legacy_cursor_update to false when doing non-async updates drm/amdgpu: Fix oops when pp_funcs->switch_power_profile is unset drm/i915: Disable LP3 watermarks on all SNB machines drm/ast: change resolution may cause screen blurred drm/ast: fixed cursor may disappear sometimes drm/ast: Remove existing framebuffers before loading driver can: flexcan: Unlock the MB unconditionally can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length can: dev: __can_get_echo_skb(): Don't crash the kernel if can_priv::echo_skb is accessed out of bounds can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions can: rx-offload: rename can_rx_offload_irq_queue_err_skb() to can_rx_offload_queue_tail() can: flexcan: use can_rx_offload_queue_sorted() for flexcan_irq_bus_*() can: flexcan: handle tx-complete CAN frames via rx-offload infrastructure can: raw: check for CAN FD capable netdev in raw_sendmsg() can: hi311x: Use level-triggered interrupt can: flexcan: Always use last mailbox for TX can: flexcan: remove not needed struct flexcan_priv::tx_mb and struct flexcan_priv::tx_mb_idx ACPICA: AML interpreter: add region addresses in global list during initialization IB/hfi1: Eliminate races in the SDMA send error path fsnotify: generalize handling of extra event flags fanotify: fix handling of events on child sub-directory pinctrl: meson: fix pinconf bias disable pinctrl: meson: fix gxbb ao pull register bits pinctrl: meson: fix gxl ao pull register bits pinctrl: meson: fix meson8 ao pull register bits pinctrl: meson: fix meson8b ao pull register bits tools/testing/nvdimm: Fix the array size for dimm devices. scsi: lpfc: fix remoteport access scsi: hisi_sas: Remove set but not used variable 'dq_list' KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE cpufreq: imx6q: add return value check for voltage scale rtc: cmos: Do not export alarm rtc_ops when we do not support alarms rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write crypto: simd - correctly take reqsize of wrapped skcipher into account floppy: fix race condition in __floppy_read_block_0() powerpc/io: Fix the IO workarounds code to work with Radix sched/fair: Fix cpu_util_wake() for 'execl' type workloads perf/x86/intel/uncore: Add more IMC PCI IDs for KabyLake and CoffeeLake CPUs block: copy ioprio in __bio_clone_fast() and bounce SUNRPC: Fix a bogus get/put in generic_key_to_expire() riscv: add missing vdso_install target RISC-V: Silence some module warnings on 32-bit drm/amdgpu: fix bug with IH ring setup kdb: Use strscpy with destination buffer size NFSv4: Fix an Oops during delegation callbacks powerpc/numa: Suppress "VPHN is not supported" messages efi/arm: Revert deferred unmap of early memmap mapping z3fold: fix possible reclaim races mm, memory_hotplug: check zone_movable in has_unmovable_pages tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset mm, page_alloc: check for max order in hot path dax: Avoid losing wakeup in dax_lock_mapping_entry include/linux/pfn_t.h: force '~' to be parsed as an unary operator tty: wipe buffer. tty: wipe buffer if not echoing data gfs2: Fix iomap buffer head reference counting bug rcu: Make need_resched() respond to urgent RCU-QS needs media: ov5640: Re-work MIPI startup sequence media: ov5640: Fix timings setup code media: ov5640: fix exposure regression media: ov5640: fix auto gain & exposure when changing mode media: ov5640: fix wrong binning value in exposure calculation media: ov5640: fix auto controls values when switching to manual mode Linux 4.19.6 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Daniel Rosenberg
|
e81cea2a6f |
ANDROID: vfs: Add permission2 for filesystems with per mount permissions
This allows filesystems to use their mount private data to
influence the permssions they return in permission2. It has
been separated into a new call to avoid disrupting current
permission users.
Bug: 35848445
Bug: 120446149
Change-Id: I9d416e3b8b6eca84ef3e336bd2af89ddd51df6ca
Signed-off-by: Daniel Rosenberg <drosen@google.com>
[AmitP: Minor refactoring of original patch to align with
changes from the following upstream commit
|
||
|
Daniel Rosenberg
|
50f0dd432b |
ANDROID: sdcardfs: Enable modular sdcardfs
Export the following symbols:
- copy_fs_struct
- free_fs_struct
- security_path_chown
- set_fs_pwd
- vfs_read
- vfs_write
These are needed to build sdcardfs as a module.
Bug: 35142419
Bug: 120446149
Change-Id: If6e14f0b3bdc858a9f684e6c209927a9232091f0
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
[astrachan: Folded the following changes into this patch:
e19f69662df5 ("ANDROID: Revert "fs: unexport vfs_read and vfs_write"")
17071a8e1e7d ("ANDROID: fs: Export free_fs_struct and set_fs_pwd")
2e9a639597cd ("ANDROID: export security_path_chown")]
Signed-off-by: Alistair Strachan <astrachan@google.com>
|
||
|
Jeff Vander Stoep
|
8e5e42d5ae |
ANDROID: security,perf: Allow further restriction of perf_event_open
When kernel.perf_event_open is set to 3 (or greater), disallow all access to performance events by users without CAP_SYS_ADMIN. Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that makes this value the default. This is based on a similar feature in grsecurity (CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making the variable read-only. It also allows enabling further restriction at run-time regardless of whether the default is changed. https://lkml.org/lkml/2016/1/11/587 Bug: 29054680 Bug: 120445712 Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8 [jeffv: Upstream doesn't want it https://lkml.org/lkml/2016/6/17/101] Signed-off-by: Ben Hutchings <ben@decadent.org.uk> |
||
|
Tetsuo Handa
|
3962e78a9f |
selinux: Add __GFP_NOWARN to allocation at str_read()
commit
|
||
|
Zubin Mithra
|
c8a1685aa3 |
apparmor: Fix uninitialized value in aa_split_fqname
[ Upstream commit |
||
|
Mark Brown
|
375fef4f04 |
This is the 4.4.164 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlv1FwEACgkQONu9yGCS aT5Z+hAAqBzs7rP4fm2RVSC9fpDZTbLQQ+IJYVXCN1WgyJa+hirGmMtfKPF9Pkoz iSZplvI+ab3b/f+IAvD33S0zPgkYWe7dx3qMYFUp520vs8nGsY0RAUCdldjkOfjO pFO2xFJhTDDbY1yUN8/TYkHSk5txJI3Kb3ed8DrbpmCjigL1Fn/PPIGMd2/ujb/J iOm0TENPdtD9zrp3rBwesOx+0R8azM8XRQZmrhy1P/sZmQYKRquxL9r+h8rT6wCE yuSwjbEJbE6tMcnS2+lxCbjjP9bYev0U1qXGAnbxH5nfaDaGeoIMgpLxv2ql48UP w6zLzX+yR6XD0x9Iy0ZEpeTyDFGSdR32W969lYxYxBbgpUMXCzsWo1rXBZeOc6us QSpnpctA+9gqOTEdUznJsCOo5TGKAdB4x5g0wT8uDGJweoqXgU/fGd9KzC2vGFyK 8JSo+pJkRnQGYWb4ews1WA7B5StT+b4bvB+V0zz4MqzH6jBzd/ABp+NIqKKwc+uT nDl2HjXZMMNapU0IdigSVoEx5HcdYw98j5mtm8smLhNAjpqgIBz68kxe8VLsgE69 qgnsT6YhTb0zeRvK8972ylFR8I9GPL07cUHnWTsavsgusFIPJxoaL+ZnplUB5KXk qXx7iAA+jv+4m2k0w3AVfJIji9cTINsosUv29Le2TT6sRs4ouf0= =SvD+ -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQFHBAABCgAxFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAlv2yQoTHGJyb29uaWVA a2VybmVsLm9yZwAKCRAk1otyXVSH0LjvB/9HlHS49l+xaJ7L2RegzoYzgU0JJwJx w6yQtUkPq7UaTxIZi2v6wKj4oqLQaCOGWexOUIeGrI97oINJl/nyNvG1MK7Tg0zz xCMXiL9qoCHcDh6oArOSeyCDrUw4hD/vIGlraLEVOCm9jxBpzQh08rnTMcnzJY2y egTo5r2BjZEAQukRLktwN3FoM5/o3JJlo3JTZE1sqF8A/HIjI80iFKn0tibgDOex A5mCAzbiFhWn4ke18Kvdy886bEWK4ltJaUVcVEAQ2gyt8dwFOvPpjkC/3HQH74Nq uxF3+R0t2TDL2hYW18gFwRSYCmFnyDwVIgk4Hkc1+730kCLroPDB1AX8 =2IjJ -----END PGP SIGNATURE----- Merge tag 'v4.4.164' into linux-linaro-lsk-v4.4 This is the 4.4.164 stable release |
||
|
Eric Biggers
|
34aa96127a |
ima: fix showing large 'violations' or 'runtime_measurements_count'
commit
|
||
|
Ondrej Mosnacek
|
c75e3cbfd9 |
selinux: check length properly in SCTP bind hook
commit |
||
|
Goldwyn Rodrigues
|
8b259b9965 |
ima: open a new file instance if no read permissions
commit
|
||
|
Eric Biggers
|
13d3c98fa8 |
ima: fix showing large 'violations' or 'runtime_measurements_count'
commit
|
||
|
Stephen Smalley
|
f77c84673d |
selinux: fix mounting of cgroup2 under older policies
commit |
||
|
Casey Schaufler
|
7a478552b5 |
Smack: ptrace capability use fixes
[ Upstream commit
|
||
|
Mark Brown
|
e0745aa91b |
This is the 4.4.163 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlvm/EEACgkQONu9yGCS aT5qaw//fjbtlLntj6zurFCquQFd7MkjsY+9fxWGvrknmDQrQLVD6u5q4Ii6JUkh hbcnCnPH70viQsjlxnwVP7YCuHhuiuja2TCFihKyVEEJXMgwtnjjN6pgay+DCikz k8921xsAlpU0N5em9NExu6abQMvsFg1u3h6kLA0Gob120VM4FiK4I8WMyVDZT9ya gjdnAzCGfvhdBa7jUokWjOnFPg7s1Y8S4f3OR7/6NjDGupiBYq4vc19cRfofBpnI IMZfP9QBj+tUsj3TKBMyQyq2f6qBVaD0XvcpeEdwFxwNxfWgH1oB9tb6kugTgZ6H 3+fX/XoSJZYKJJpTsKr16FkpLElXeAXjbVKxrNg9qLYTSnJPNkfrGvTOqXjArWC8 92F5Q/ZlGfZhiuRXTfVoLoThUgRcyru6VPo5dBXgMqNYnV6QHEkwqHkizMHqP3nG dlMi40OIx02OuEy6576rLRGpF7kbZ1q6T4zxh/cGzFOz5v8v72HkZ5UildJ+DazU oO+tZDCP7yI42jLMafdcn1z/IK20yBiALGIQE1vMQSFxil8wn542T8eS8mAodD9V SIPet9oBtWIT0vf0T4JQ2W8SkFZNJwQZc7TbyiUBJrDVUSW/pGhNqAu0lLN4eIxb 0kA043zy3+apQX6k1qbuXGApbJENk3N2/25NR/n1PQvFCIIqzfU= =r3vv -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQFHBAABCgAxFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAlvrCAQTHGJyb29uaWVA a2VybmVsLm9yZwAKCRAk1otyXVSH0NvJB/0XPqB8ozJJ5g5yEKCcE9Qnt94dgMZE biZolnzfTqkYJoA8EMLJNEwzhnzrx/9xJsOgp9R0FCxPoBczb83PqQwfDT2BNfZv uJU6zZzJ+GAxgYdWVgntpDVC99nl/Q+yBp9BZsr70uYLbi8h7zUf3TuYS24T5++9 QRrieuqLOVE1xeUk/UEKw0VCB6CxSvKDrmLLoxzgb4jQf2tl8LQcXhkTAkbj7pjl zAn1Km9YA+2qnRmtTewohKEkpp3jPgu3KbH5tn1rBYVB0xux/Pthlc4lRz9khZw5 wzPgXsWYUY9ccbaZE1lgdcIwxf9yMngAI+JzCcMibDGPrRKaTM3khAMg =kiQ7 -----END PGP SIGNATURE----- Merge tag 'v4.4.163' into linux-linaro-lsk-v4.4 This is the 4.4.163 stable release |
||
|
Eric Biggers
|
9aae17f851 |
KEYS: put keyring if install_session_keyring_to_cred() fails
[ Upstream commit |
||
|
Tao Huang
|
099b49ab1d |
security: remove unused tlk_driver
Change-Id: I38ee4f43ffe41e8d85dbc7a776aa8aacb99fe8f6 Signed-off-by: Tao Huang <huangtao@rock-chips.com> |
||
|
Tao Huang
|
d376ad8f23 |
Merge branch 'linux-linaro-lsk-v4.4-android' of git://git.linaro.org/kernel/linux-linaro-stable.git
* linux-linaro-lsk-v4.4-android: (1212 commits) ANDROID: sdcardfs: Change current->fs under lock ANDROID: sdcardfs: Don't use OVERRIDE_CRED macro ANDROID: restrict store of prefer_idle as boolean BACKPORT: arm/syscalls: Optimize address limit check UPSTREAM: syscalls: Use CHECK_DATA_CORRUPTION for addr_limit_user_check BACKPORT: arm64/syscalls: Check address limit on user-mode return BACKPORT: x86/syscalls: Check address limit on user-mode return BACKPORT: lkdtm: add bad USER_DS test UPSTREAM: bug: switch data corruption check to __must_check BACKPORT: lkdtm: Add tests for struct list corruption UPSTREAM: bug: Provide toggle for BUG on data corruption UPSTREAM: list: Split list_del() debug checking into separate function UPSTREAM: rculist: Consolidate DEBUG_LIST for list_add_rcu() BACKPORT: list: Split list_add() debug checking into separate function FROMLIST: ANDROID: binder: Add BINDER_GET_NODE_INFO_FOR_REF ioctl. BACKPORT: arm64/vdso: Fix nsec handling for CLOCK_MONOTONIC_RAW ANDROID: arm64: mm: fix 4.4.154 merge BACKPORT: zsmalloc: introduce zs_huge_class_size() BACKPORT: zram: drop max_zpage_size and use zs_huge_class_size() ANDROID: tracing: fix race condition reading saved tgids ... Change-Id: I9f23db35eb926b6fa0d7af7dbbb55c9a37d536fc |
||
|
Amit Pundir
|
c8f435d8fd |
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
* linux-linaro-lsk-v4.4: (783 commits)
Linux 4.4.159
iw_cxgb4: only allow 1 flush on user qps
HID: sony: Support DS4 dongle
HID: sony: Update device ids
arm64: Add trace_hardirqs_off annotation in ret_to_user
ext4: don't mark mmp buffer head dirty
ext4: fix online resizing for bigalloc file systems with a 1k block size
ext4: fix online resize's handling of a too-small final block group
ext4: recalucate superblock checksum after updating free blocks/inodes
ext4: avoid divide by zero fault when deleting corrupted inline directories
tty: vt_ioctl: fix potential Spectre v1
drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
ocfs2: fix ocfs2 read block panic
scsi: target: iscsi: Use hex2bin instead of a re-implementation
neighbour: confirm neigh entries when ARP packet is received
net: hp100: fix always-true check for link up state
net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
ipv6: fix possible use-after-free in ip6_xmit()
gso_segment: Reset skb->mac_len after modifying network header
mm: shmem.c: Correctly annotate new inodes for lockdep
...
Conflicts:
Makefile
fs/squashfs/block.c
include/uapi/linux/prctl.h
kernel/fork.c
kernel/sys.c
Trivial merge conflicts in above files. Resolved by rebasing
corresponding AOSP changes.
arch/arm64/mm/init.c
Pick the changes from upstream version of AOSP patch
"arm64: check for upper PAGE_SHIFT bits in pfn_valid" instead.
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
||
|
Lubomir Rintel
|
8c0f9f5b30 |
Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name"
This changes UAPI, breaking iwd and libell:
ell/key.c: In function 'kernel_dh_compute':
ell/key.c:205:38: error: 'struct keyctl_dh_params' has no member named 'private'; did you mean 'dh_private'?
struct keyctl_dh_params params = { .private = private,
^~~~~~~
dh_private
This reverts commit
|
||
|
Mark Brown
|
f4150b38ac |
This is the 4.4.157 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluitjwACgkQONu9yGCS aT7iuA/9FDL/m4yOFPh6lFP6b5JnpDoKniJM3R6eg8am9TYaCe0mwJImEy8yP8sH BOK/LECOJqV8Waw0ANQieJYZj/GsRXk9TOwUwvOCbhNwfu+e2x4/31dRIpxSQaCs dYROb4ISGd9wyLMKqgh0zqMxKKfb/Ija4oBjfz7xUJYoHFuc8hlfic6HUr8i/J76 kz5LJ5uPWyrBOKzQT15o0bz05LmnKBX8TyhpzzPBf/+eQ1jzh7uvpawcOz03u8iV 6VpNXCbTTUf863nmOxcEfuClI1GnCHstAHTKaEc6u5MUhkJKKqxWDTsO92qhnUne FXB7/UeVwsGA69Oy4nInJMGI7hHlJ6LR1CBA9SmfjzUvBY9P6nT2vrU6NYg0n3Bd tP7S69xXQUdkkvDNjphsOuexuResITJ48obg+Lx2ijCAHNosafKyN1It8t/euOAD xCeTxfLtXMCO+3z+UvOwFnKwgLImt1Bh8fGynjpk7fvIycrm+FP0iZ+2cw4NUiMU jKtjvQCWbfK64fZ5eIdxo/rKyX7hK3PRMw6r6rEvaW/z6Cm33Dvy+1Rn3fiXJpIS oEt7knHsoBraHtrUvbPXMc5S0ZNvoNLD3omWm1Ot+NlP3ogIi/ZFwvwUU537FZmL 2g8V16o0IliBOqNr3vkDyInv/5+LDVI22noc3bjEoi/LsoYe4j4= =2RHb -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQFHBAABCgAxFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAlujvlsTHGJyb29uaWVA a2VybmVsLm9yZwAKCRAk1otyXVSH0KlyB/9nmaU076/pWCA6Q3XT2vjxuoiQB08j 4EAM2l2voJwAj4h6iRQW4W82TVJk1GJLjb07eU20ee4409K5lWjnQSu9psi2ve4I Ie8SZhl4XozniEGcZ3waE3NMLcjH27YkgXDRNOXljGP/uiL5wJUqdiqbbOtp6o0Z wRbtfkebuiIlcrPRE497uR5iFe02lMh2hpRdnqAfHRQQbz5/qecHOtgbhTVV5Vd8 OGdtZgfFDdf3MzMRvUUGEoMRL6M2xVdu130EvpPoVuePowxEqrannts79RRflbxk pDh0KmfW1ZeujurgKol6b9NeDm0hvcAHfRxjRv3MlVAVWjrSUUZGrCln =LduB -----END PGP SIGNATURE----- Merge tag 'v4.4.157' into linux-linaro-lsk-v4.4 This is the 4.4.157 stable release |
||
|
Michal Hocko
|
97557d1615 |
selinux: use GFP_NOWAIT in the AVC kmem_caches
commit
|
||
|
Joerg Roedel
|
61a6bd83ab |
Revert "x86/mm/legacy: Populate the user page-table with user pgd's"
This reverts commit |
||
|
Tao Huang
|
75654db877 |
Merge branch 'linux-linaro-lsk-v4.4' of git://git.linaro.org/kernel/linux-linaro-stable.git
* linux-linaro-lsk-v4.4: (519 commits)
Linux 4.4.154
cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
iscsi target: fix session creation failure handling
scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
MIPS: Correct the 64-bit DSP accumulator register size
kprobes: Make list and blacklist root user read only
s390/pci: fix out of bounds access during irq setup
s390/qdio: reset old sbal_state flags
s390: fix br_r1_trampoline for machines without exrl
x86/spectre: Add missing family 6 check to microcode check
x86/irqflags: Mark native_restore_fl extern inline
pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
ASoC: sirf: Fix potential NULL pointer dereference
ASoC: dpcm: don't merge format from invalid codec dai
udl-kms: fix crash due to uninitialized memory
udl-kms: handle allocation failure
udl-kms: change down_interruptible to down
fuse: Add missed unlock_page() to fuse_readpages_fill()
...
Conflicts:
Makefile
arch/arm64/mm/init.c
fs/squashfs/block.c
include/uapi/linux/prctl.h
kernel/sys.c
Change-Id: Ie03b5adfbbb4ab2bf16bc55d99f0d8a9c540a53b
|
||
|
Linus Torvalds
|
db44bf4b47 |
- Fix for bad debug check when converting secids to secctx
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7cSDD705q2rFEEf7BS82cBjVw9gFAluRSncACgkQBS82cBjV w9jx/Q//ReKSyJSFb01ZLyG1U8XoT9o5JSkJJtriIsVi7qG+zG6tucDKJyoXa2LE ZA+SvZi91/WY2xRw51fz9/JcLJXIXYGgMVwgIxiy2oShw7TFYlhoLfwU1VF83qR4 f8HvgHxG1CVpVtvHb8fOx8SoSDl6b2KoIbUAquB1sRbEIyCfaKx1lV5GC+JwPlHK 9wXK5iyGQKi+9NVjBdbu75nQ7EpGxEj1vVOyUjf79NFhFqnEe+JSqF2WMGcNFP/o tbtJnmkjHbS23mNv07kXC39QjhAYZ8rQRnQCvrYGVARKATQsncpDuriqEAxhfk95 a2osx9wRH2UGEdw/i4ciAucYjdepSQfhgfd+SIdI/6BE8+ixiiawIAf+RG5tolwd VvC5Jz7QX04f0pqZ9zfSpLTlMVgnzQEE3tp29yqRD8I0C9DR2xQR7ZoGr6HYJ9J6 pCLqvyC5nRrEhslv8QKzaHFkZs4bkGOTIZkuXKTc8ss/xjAD8fpo+svsZIQMTazB pRUZDTW7x+EZcrm9LOHksuaS8vHNJD6hWPHT5lvy11TYXK8Btq1dinC8kZqykH1I puMs5rWDMgeFXfj6ZW371/43DEhq7mEIkLWBxmvR3EYSxEZTnw9VGq5YDfBC0J1j yHQQP9JAAOfFN8HuLRU+3hR9FzSFOvAF0NeC/oLrPR6V6OPVLgI= =t7zK -----END PGP SIGNATURE----- Merge tag 'apparmor-pr-2018-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor Pull apparmor fix from John Johansen: "A fix for an issue syzbot discovered last week: - Fix for bad debug check when converting secids to secctx" * tag 'apparmor-pr-2018-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: apparmor: fix bad debug check in apparmor_secid_to_secctx() |
||
|
Randy Dunlap
|
8a2336e549 |
uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
Since this header is in "include/uapi/linux/", apparently people want to
use it in userspace programs -- even in C++ ones. However, the header
uses a C++ reserved keyword ("private"), so change that to "dh_private"
instead to allow the header file to be used in C++ userspace.
Fixes https://bugzilla.kernel.org/show_bug.cgi?id=191051
Link: http://lkml.kernel.org/r/0db6c314-1ef4-9bfa-1baa-7214dd2ee061@infradead.org
Fixes:
|
||
|
John Johansen
|
edf4e7b7b9 |
apparmor: fix bad debug check in apparmor_secid_to_secctx()
apparmor_secid_to_secctx() has a bad debug statement tripping on a
condition handle by the code. When kconfig SECURITY_APPARMOR_DEBUG is
enabled the debug WARN_ON will trip when **secdata is NULL resulting
in the following trace.
------------[ cut here ]------------
AppArmor WARN apparmor_secid_to_secctx: ((!secdata)):
WARNING: CPU: 0 PID: 14826 at security/apparmor/secid.c:82 apparmor_secid_to_secctx+0x2b5/0x2f0 security/apparmor/secid.c:82
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 14826 Comm: syz-executor1 Not tainted 4.19.0-rc1+ #193
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
panic+0x238/0x4e7 kernel/panic.c:184
__warn.cold.8+0x163/0x1ba kernel/panic.c:536
report_bug+0x252/0x2d0 lib/bug.c:186
fixup_bug arch/x86/kernel/traps.c:178 [inline]
do_error_trap+0x1fc/0x4d0 arch/x86/kernel/traps.c:296
do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:316
invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:993
RIP: 0010:apparmor_secid_to_secctx+0x2b5/0x2f0 security/apparmor/secid.c:82
Code: c7 c7 40 66 58 87 e8 6a 6d 0f fe 0f 0b e9 6c fe ff ff e8 3e aa 44 fe 48 c7 c6 80 67 58 87 48 c7 c7 a0 65 58 87 e8 4b 6d 0f fe <0f> 0b e9 3f fe ff ff 48 89 df e8 fc a7 83 fe e9 ed fe ff ff bb f4
RSP: 0018:ffff8801ba1bed10 EFLAGS: 00010286
RAX: 0000000000000000 RBX: ffff8801ba1beed0 RCX: ffffc9000227e000
RDX: 0000000000018482 RSI: ffffffff8163ac01 RDI: 0000000000000001
RBP: ffff8801ba1bed30 R08: ffff8801b80ec080 R09: ffffed003b603eca
R10: ffffed003b603eca R11: ffff8801db01f657 R12: 0000000000000001
R13: 0000000000000000 R14: 0000000000000000 R15: ffff8801ba1beed0
security_secid_to_secctx+0x63/0xc0 security/security.c:1314
ctnetlink_secctx_size net/netfilter/nf_conntrack_netlink.c:621 [inline]
ctnetlink_nlmsg_size net/netfilter/nf_conntrack_netlink.c:659 [inline]
ctnetlink_conntrack_event+0x303/0x1470 net/netfilter/nf_conntrack_netlink.c:706
nf_conntrack_eventmask_report+0x55f/0x930 net/netfilter/nf_conntrack_ecache.c:151
nf_conntrack_event_report include/net/netfilter/nf_conntrack_ecache.h:112 [inline]
nf_ct_delete+0x33c/0x5d0 net/netfilter/nf_conntrack_core.c:601
nf_ct_iterate_cleanup+0x48c/0x5e0 net/netfilter/nf_conntrack_core.c:1892
nf_ct_iterate_cleanup_net+0x23c/0x2d0 net/netfilter/nf_conntrack_core.c:1974
ctnetlink_flush_conntrack net/netfilter/nf_conntrack_netlink.c:1226 [inline]
ctnetlink_del_conntrack+0x66c/0x850 net/netfilter/nf_conntrack_netlink.c:1258
nfnetlink_rcv_msg+0xd88/0x1070 net/netfilter/nfnetlink.c:228
netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2454
nfnetlink_rcv+0x1c0/0x4d0 net/netfilter/nfnetlink.c:560
netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
netlink_unicast+0x5a0/0x760 net/netlink/af_netlink.c:1343
netlink_sendmsg+0xa18/0xfc0 net/netlink/af_netlink.c:1908
sock_sendmsg_nosec net/socket.c:621 [inline]
sock_sendmsg+0xd5/0x120 net/socket.c:631
___sys_sendmsg+0x7fd/0x930 net/socket.c:2114
__sys_sendmsg+0x11d/0x290 net/socket.c:2152
__do_sys_sendmsg net/socket.c:2161 [inline]
__se_sys_sendmsg net/socket.c:2159 [inline]
__x64_sys_sendmsg+0x78/0xb0 net/socket.c:2159
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457089
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f7bc6e03c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f7bc6e046d4 RCX: 0000000000457089
RDX: 0000000000000000 RSI: 0000000020d65000 RDI: 0000000000000003
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d4588 R14: 00000000004c8d5c R15: 0000000000000000
Dumping ftrace buffer:
(ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..
CC: <stable@vger.kernel.org> #4.18
Fixes:
|
||
|
Mark Brown
|
3a9cbd70c7 |
This is the 4.4.153 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluE3G0ACgkQONu9yGCS aT7+URAAiG/MGLVAJCqx5WwNPXm1fWwMgW+/Okt5VtMJCsudZd+MtYcAr/ThyQu0 Ey80BxFgKLFWdIQ3RagXPiqlclFZLDqDKq7Zro5VhrmNXJvwCz37XD7xLAuMqhNl XXFLUClXUp0uSQ57VaykDloQpGTzT8qu1rJ4pAQFVQsg+3ggEMh/BWVXFvTJwLjx eEvZLL7zoXRV6PIZgG6mcRP6YnNHSHGHawPnT9BDLtTWyb9OdpTHx7U9un+kS/iv S+oiuxVxG7flWSpW7/oAI62DDZu6If8McGJyCTwETeT4P4u4YIVox4zX8oZLzr8N v6NO8Giy6MhQzlnZTVVNrAyfOsbHr4kNR++VUUMSlQzG6w2RalBW2EIQiFnImUJk 344Fpvzdgt2F9Q46W7+ff19YBrqE6H8yFP4Dfqsx0YLSej72hJ2WqSMBuElKVdoO LnhJqA97/lgDnzJbfx+129tLSl/Ly0nL61TKTK39qwKMDaEW0HEa2uU7zJLzrIRQ oFEs0WJDQiYmsq4V8CZJda6+YvRd3tzYMVdXtn1I35ICAhyDWN/WPRlFi59mkiSm Rm5PzRnBm5VuOGSXanHP125etxIF4XbycdIJIEU0hGuRJcWyTEqewtOsAHAd4t7O yaPL/j5xTByU6VgxVuQZ8E7LmUI4mWNgcvtx0pxsqqhEDLs1iDs= =JdYU -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQFHBAABCgAxFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAluGsEATHGJyb29uaWVA a2VybmVsLm9yZwAKCRAk1otyXVSH0JmJB/9oYMc7Zct9c6HC9T7cqtAMs1AvQA7Y Mlq+GPcgs7TJl/vK9od9cse+jB8wP2pAE83YILcLjJKi9xLyFFoFrAVq29pNYxZx RRVr/XuGAcBA5EDwu5i0XGCZuxflSsdD/s9QJAna4II1FEhUrtysfr95X49RGVZZ hBZpHpOrw5VVoN4Pmzh0FRmXDtuxc0+7/dUrhxGv0QChrlyAwZs/B3W4SDD9dZfw 02jjR02SmPRAhwzw241WQVMLiqZC8bYAgxmGXjzwrhS6o5eARjasUlicQMowSfdt NOLM+Tv64hsMOnx/CoHtj/gl2G72s61W2kSDcd+VhdLwLyzS6odZ5pqO =U3RP -----END PGP SIGNATURE----- Merge tag 'v4.4.153' into linux-linaro-lsk-v4.4 This is the 4.4.153 stable release |
||
|
Linus Torvalds
|
57bb8e37d7 |
+ Cleanups
- apparmor: remove no-op permission check in policy_unpack + Bug fixes - apparmor: fix an error code in __aa_create_ns() - apparmor: Fix failure to audit context info in build_change_hat - apparmor: Check buffer bounds when mapping permissions mask - apparmor: Fully initialize aa_perms struct when answering userspace query -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7cSDD705q2rFEEf7BS82cBjVw9gFAlt/ZisACgkQBS82cBjV w9ggNA//T41KN8bduCf9mwLjYkdU/hUu/tdHnV9Ss/OfnLRo5HzH8MxCHkrdPL6+ 3/Ex69un1X/6jWi1SN5lphj5Y09cbbrn5LWZ/MbTrPehmHe6OCN/fhjKx2HbKt09 0IwwrmIEwwlYMmDhCe21JqeP6zvSCwPqWcFj73H6MZ8FCItFRfiUevm97G1lzhpP s9L6E6TNs27dvFb/V2CqWpKCuCs8byDA7Vd6g7MiuV6ciz1IpoFqMZiXbl1cpnpa Qt5vN+b7/BzixQFxC7W8y9D5+5x2nV2U8LEHXP9wn7s+dptTPNilPCEKX2t2qPwq 3p5zK2s4V3oWiyuzb7I3xK5lvbWBfPY6LphaIODbUqqug/PvRYQrfhT/dgR5SNpQ +MnIx742PKn/xZt/q9G2n4vCjVppnWCQNFckyk2+TCT0jWyLqpZPlmp4wwAB0R4e oQrEl8y4G8xUX6ufkNFxF3hm5FoXYQgTnVgnkY4ULZ5ZjdPAUJktwWkI4qnS5zeG WmtuxvAKaPQl9knk0K4VoTAFAGSHWeojaW0+ptEmm+uehmm7Ck8f/lYLW7tvOEdk W1CUv7ubuK4uxIXb38IQxfN2Ehm9xaK5SvUT9wB2sH6HG2WGsZI1Vau0qbOClNdd SArqlZCuuZHMs8suqmmVGlS8VRQy4LdHTwfiIpLl7qYdn9yOz4Y= =TdN2 -----END PGP SIGNATURE----- Merge tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor Pull apparmor updates from John Johansen: "There is nothing major this time just four bug fixes and a patch to remove some dead code: Cleanups: - remove no-op permission check in policy_unpack Bug fixes: - fix an error code in __aa_create_ns() - fix failure to audit context info in build_change_hat - check buffer bounds when mapping permissions mask - fully initialize aa_perms struct when answering userspace query" * tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: apparmor: remove no-op permission check in policy_unpack apparmor: fix an error code in __aa_create_ns() apparmor: Fix failure to audit context info in build_change_hat apparmor: Fully initialize aa_perms struct when answering userspace query apparmor: Check buffer bounds when mapping permissions mask |
||
|
Linus Torvalds
|
4def196360 |
Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull namespace fixes from Eric Biederman:
"This is a set of four fairly obvious bug fixes:
- a switch from d_find_alias to d_find_any_alias because the xattr
code perversely takes a dentry
- two mutex vs copy_to_user fixes from Jann Horn
- a fix to use a sanitized size not the size userspace passed in from
Christian Brauner"
* 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
getxattr: use correct xattr length
sys: don't hold uts_sem while accessing userspace memory
userns: move user access out of the mutex
cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias()
|
||
|
Casey Schaufler
|
091cb7dec8 |
Smack: Mark inode instant in smack_task_to_inode
[ Upstream commit |
||
|
John Johansen
|
c037bd6158 |
apparmor: remove no-op permission check in policy_unpack
The patch 736ec752d95e: "AppArmor: policy routines for loading and
unpacking policy" from Jul 29, 2010, leads to the following static
checker warning:
security/apparmor/policy_unpack.c:410 verify_accept()
warn: bitwise AND condition is false here
security/apparmor/policy_unpack.c:413 verify_accept()
warn: bitwise AND condition is false here
security/apparmor/policy_unpack.c
392 #define DFA_VALID_PERM_MASK 0xffffffff
393 #define DFA_VALID_PERM2_MASK 0xffffffff
394
395 /**
396 * verify_accept - verify the accept tables of a dfa
397 * @dfa: dfa to verify accept tables of (NOT NULL)
398 * @flags: flags governing dfa
399 *
400 * Returns: 1 if valid accept tables else 0 if error
401 */
402 static bool verify_accept(struct aa_dfa *dfa, int flags)
403 {
404 int i;
405
406 /* verify accept permissions */
407 for (i = 0; i < dfa->tables[YYTD_ID_ACCEPT]->td_lolen; i++) {
408 int mode = ACCEPT_TABLE(dfa)[i];
409
410 if (mode & ~DFA_VALID_PERM_MASK)
411 return 0;
412
413 if (ACCEPT_TABLE2(dfa)[i] & ~DFA_VALID_PERM2_MASK)
414 return 0;
fixes:
|
||
|
Ard Biesheuvel
|
1b1eeca7e4 |
init: allow initcall tables to be emitted using relative references
Allow the initcall tables to be emitted using relative references that are only half the size on 64-bit architectures and don't require fixups at runtime on relocatable kernels. Link: http://lkml.kernel.org/r/20180704083651.24360-5-ard.biesheuvel@linaro.org Acked-by: James Morris <james.morris@microsoft.com> Acked-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> Acked-by: Petr Mladek <pmladek@suse.com> Acked-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Bjorn Helgaas <bhelgaas@google.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: James Morris <jmorris@namei.org> Cc: Jessica Yu <jeyu@kernel.org> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: Kees Cook <keescook@chromium.org> Cc: Nicolas Pitre <nico@linaro.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Russell King <linux@armlinux.org.uk> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Thomas Garnier <thgarnie@google.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Dan Carpenter
|
0a6b29230e |
apparmor: fix an error code in __aa_create_ns()
We should return error pointers in this function. Returning NULL
results in a NULL dereference in the caller.
Fixes:
|
||
|
Linus Torvalds
|
f91e654474 |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull integrity updates from James Morris: "This adds support for EVM signatures based on larger digests, contains a new audit record AUDIT_INTEGRITY_POLICY_RULE to differentiate the IMA policy rules from the IMA-audit messages, addresses two deadlocks due to either loading or searching for crypto algorithms, and cleans up the audit messages" * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: EVM: fix return value check in evm_write_xattrs() integrity: prevent deadlock during digsig verification. evm: Allow non-SHA1 digital signatures evm: Don't deadlock if a crypto algorithm is unavailable integrity: silence warning when CONFIG_SECURITYFS is not enabled ima: Differentiate auditing policy rules from "audit" actions ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not set ima: Use audit_log_format() rather than audit_log_string() ima: Call audit_log_string() rather than logging it untrusted |
||
|
Linus Torvalds
|
c715ebeb03 |
Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull TPM updates from James Morris: - Migrate away from PM runtime as explicit cmdReady/goIdle transactions for every command is a spec requirement. PM runtime adds only a layer of complexity on our case. - tpm_tis drivers can now specify the hwrng quality. - TPM 2.0 code uses now tpm_buf for constructing messages. Jarkko thinks Tomas Winkler has done the same for TPM 1.2, and will start digging those changes from the patchwork in the near future. - Bug fixes and clean ups * 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: ima: Get rid of ima_used_chip and use ima_tpm_chip != NULL instead ima: Use tpm_default_chip() and call TPM functions with a tpm_chip tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED tpm: Convert tpm_find_get_ops() to use tpm_default_chip() tpm: Implement tpm_default_chip() to find a TPM chip tpm: rename tpm_chip_find_get() to tpm_find_get_ops() tpm: Allow tpm_tis drivers to set hwrng quality. tpm: Return the actual size when receiving an unsupported command tpm: separate cmd_ready/go_idle from runtime_pm tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) tpm_tis_spi: Pass the SPI IRQ down to the driver tpm: migrate tpm2_get_random() to use struct tpm_buf tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf tpm: migrate tpm2_probe() to use struct tpm_buf tpm: migrate tpm2_shutdown() to use struct tpm_buf |
||
|
Linus Torvalds
|
04743f89bc |
Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull smack updates from James Morris: "Minor fixes from Piotr Sawicki" * 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: Smack: Inform peer that IPv6 traffic has been blocked Smack: Check UDP-Lite and DCCP protocols during IPv6 handling Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets |